This Log4j Resource Center is a collection of some of our advisories, articles, and case studies put together for the infosec community.
What is Log4j?
The Java logging library, Log4j, is a ubiquitous software used to record activities in a wide range of systems found in consumer-facing products, enterprise software, and web applications. Recently, a serious vulnerability in this popular package, CVE-2021-44228, was disclosed in Log4j versions 2.0 to 2.14.1, posing a severe risk to millions of software and web apps. An exploit known as “Log4shell” was publicly disclosed in December 2021 and it is highly recommended this flaw be patched as soon as possible.